macdevcenter.com
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button

Setting up a Site Server with Jaguar
Pages: 1, 2, 3, 4

Last Stop: Setting up IMAPd

The last thing we need to do to have a fully-functional site server is to set up a POP and IMAP server so that we can get our mail. Unfortunately, software for these mail servers doesn't ship by default on Mac OS X. Fortunately, it's easy to get, compile, and set up. We're going to use the University of Washington IMAP server. It's been widely tested, is stable, and is easy to use. It also works well with OpenSSL, which is installed as part of Mac OS X.



This integration with OpenSSL is very important, because you have to have a password to log in to your IMAP server, and you do not want others to be able to see this password while it is in transmission. To make sure that your passwords stay secure, I'm going to give you instructions on how to build the IMAP server to use OpenSSL only. This configuration will be compatible with any mail client that understands SSL -- this includes Mail.app and Entourage.

Setting up the Developer Tools

But, before we can build the IMAP server, we need to have the developer tools installed with the optional BSD SDK on the system. If you haven't already installed the developer tools, or neglected to install the BSD SDK, grab the Developer Tools CD that came with Mac OS X, insert it into your computer, and double click on the Developer.mpkg file in the window that appears. Proceed through the installation wizard until just after you have selected the disk to install onto. When you see the announcement "Click Install to perform a basic installation of this software package," clike the Customize button instead. Make sure that the BSD SDK checkbox is clicked, and then click "Install."

The installer will chug on for a while. Do something else while it works, as it is not a quick install. Grab some coffee. Or water.

Download and Build the IMAP Server

Next, we need to download and build the IMAP server. This is a relatively straightforward process when you know exactly what to type. All you need to do is follow this script and you will have a built and functional SSL-enabled IMAP server ready to be set up. As you type most of these commands in, output on what is happening will scroll by, but as long as you don't make a mistake, everything should be fine.

% curl ftp://ftp.cac.washington.edu/imap/imap.tar.Z > imap.tar.Z
% uncompress imap.tar.Z
% tar xf imap.tar
% cd imap-2002.RC2/
% make osx SSLTYPE=nopwd SSLDIR=/usr SSLCERTS=/etc/sslcerts
% sudo mkdir -p /usr/local/bin
% sudo cp imapd/imapd /usr/local/bin/imapd

There. That wasn't so bad, was it? You now have a fully-functional IMAP server just waiting to be used.

Configure the IMAP Server

There are two things we need to do to configure the IMAP server. The first is to set up the SSL certificate that will be used by the server. The second is to enable the server to handle requests.

To install a self-signed certificate (perfectly adequate for our needs), use the following commands. You will be asked a few questions as part of the process of making this certificate. The answers I used are highlighted in bold.

% sudo mkdir -p /etc/sslcerts
% sudo openssl req -new -x509 -nodes -out /etc/sslcerts/imapd.pem -keyout /etc/sslcerts/imapd.pem -days 3650
Using configuration from /System/Library/OpenSSL/openssl.cnf
Generating a 1024 bit RSA private key
...................................................++++++
...........................++++++
writing new private key to '/etc/sslcerts/imapd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:California
Locality Name (eg, city) []:San Francisco
Organization Name (eg, company) [Internet Widgits Pty Ltd]:x180
Organizational Unit Name (eg, section) []:Home Mail
Common Name (eg, YOUR name) []:James Duncan Davidson
Email Address []:duncan@x180.net

The last thing we need to do is configure Mac OS X to start up the IMAP server when it sees requests to the IMAP over SSL port (port 993). To do this, we need to edit the /etc/inetd.conf file.

% sudo pico /etc/inetd.conf

Add the following line to the very end of the file:

imaps stream tcp nowait root /usr/libexec/tcpd /usr/local/bin/imapd

Now, we just need to restart the inetd deamon:

%  ps -ax | grep inetd
  323  ??  Ss     0:00.01 inetd
  4798 std  R+     0:00.00 grep inetd
% sudo kill -HUP 323

Congratulations. You're done. Now it's time to set up your mail client to use it. Besides setting up your mail client to use the host, username, and password for your mail account, you'll want to make sure that you enable the SSL option. This is shown in the following configuration panel from Mail.app.

Screen shot.
The Mail.app configuration panel.

Also, notice that I've setup an IMAP path prefix. This is the directory in my home directory on the server in which my IMAP mailboxes will be kept. If you don't specify this, then your home directory will be used, and you'll see them show up in your Mail application.

Conclusion

We've just set up everything needed to have a full-fledged site server on the Internet with Mac OS X. There are many other things that can be tweaked, configured, and added to this foundation. You can find instructions for many of these here on the O'Reilly Network. Another great resource to use is Stepwise.

There's one last important thing to say before we're done. Now that you have a server up and running, you'll want to make sure that it doesn't automatically go to sleep on you. Just go into the System Preferences, click on Energy Saver, and make the appropriate selections.

Related Resources:

"Learning the Mac OS X Terminal" -- Chris Stone, contributor to Mac OS X: The Missing Manual, shows you how to get comfortable using the Terminal application in Mac OS X. His hands-on tutorials will have you punching out command lines in no time at all.

"Homemade Dot-Mac with OS X" -- So you don't want to pony up the $99 annual fee for .Mac? No problem if you've switched to Mac OS X, because everything is built-in for you to set up your own .Mac suite of services. Alan Graham shows you how.

"Apache Web Serving with Mac OS X" -- There's a powerful Apache Web server built in to every Mac OS X computer. Kevin Hemenway shows you how to start serving Web pages within minutes, then gives you the tools for advanced techniques that seasoned system administrators use every day.

Apache: The Definitive Guide -- Written and reviewed by key members of the Apache group, this book is the only complete guide on the market that describes how to obtain, set up, and secure the Apache software.

Apache Pocket Reference -- Provides a summary of Apache command-line options, configuration directives, and modules, and covers Apache support utilities.

sendmail, 2nd Edition -- covers sendmail version 8.8 from Berkeley and the standard versions available on most systems. This cross-referenced edition offers an expanded tutorial and solution-oriented examples, plus topics such as the #error delivery agent, sendmail's exit values, MIME headers, and how to set up and use the user database, mailertable, and smrsh.

James Duncan Davidson is a freelance author, software developer, and consultant focusing on Mac OS X, Java, XML, and open source technologies. He currently resides in San Francisco, California.


Return to the Mac DevCenter.